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\ 
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16. Q 



Applicant herewith submits to the United States Designated/Elected Office (DO/EO/US) the following items and other information: 
This is a FIRST submission of items concerning a filing under 35 U.S.C. 371. 
This is a SECOND or SUBSEQUENT submission of items concerning a filing under 35 U.S.C. 371. 
3* 0 * s an ex P re ss request to promptly begin national examination procedures (35 U.S.C. 371(f)). 

4. H The US has been elected by the expiration of 1 9 months from the priority date (PCT Article 31). 
5- QD A copy of the International Application as filed (35 U.S.C. 371(c)(2)) 

a. □ is attached hereto (required only if not communicated by the International Bureau) 

has been communicated by the International Bureau, 
c. □ is not required, as the application was filed in the United States Receiving Office (RO/US). 
6. [H An English language translation of the International Application as filed (35 U.S.C 371(c)(2)) 

Amendments to the claims of the International Application under PCT Article 19 (35 U.S C 371(c)(3)) 
a. □ are attached hereto (required only if not communicated by the International Bureau) 
have been communicated by the International Bureau. 

c. □ have not been made; however, the time limit for making such amendments has NOT expired. 

d. have not been made and will not be made. 

8: EH An English language translation of the amendments to the claims under PCT Article 19 (35 U.S.C. 371(c)(3)). 



PCT Article 36 (35 U.S.C. 371(c)(5)). 



12. 0 An assignment document for recording. A separate cover sheet in compliance with 37 CFR 3.28 and 3.3 1 is included, 
to BULL CP8 



Verification of translation 

Proposed Drawing Corrections & 7 red-lined formal drawings 

Copies of PCT forms: PCT/IB/ 301 & 308, PCT/RO/101, first page of published 
International Application 
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ATTORNEY'S DOCKET NUMBER 

T2146-qnfi?m 



17. LxJ The following fees are submitted; 

BASIC NATIONAL FEE ( 37 CFR 1.492 (a) (1) - (5) ) : 

Neither international preliminary examination fee (37 CFR 1.482) 
nor international search fee (37 CFR 1.445(a)(2)) paid to USPTO 
and International Search Report not prepared by the EPO or JPO $1000.00 

International preliminary examination fee (37 CFR 1.482) not paid to 

USPTO but International Search Report prepared by the EPO or JPO $860.00 

International preliminary examination fee (37 CFR 1.482) not paid to USPTO but 
international search fee (37 CFR 1.445(a)(2)) paid to USPTO $710.00 

International preliminary examination fee paid to USPTO (37 CFR 1.482) 

but all claims did not satisfy provisions of PCT Article 33(l)-(4) $690.00 

International preliminary examination fee paid to USPTO (37 CFR L482) 

and all claims satisfied provisions of PCT Article 33(l)-(4) $100.00 

ENTER APPROPRIATE BASIC FEE AMOUNT = 



CALCULATIONS pto use only 



$ 860.00 



Surcharge of $130.00 for furnishing the oath or declaration later than EH 20 I I 30 
months from the earliest claimed priority date (37 CFR 1.492(e)). 



CLAIMS 



NUMBER FILED 



NUMBER EXTRA 



RATE 



Total claims 



-20 



X $18.00 



Independent claims 



X $80.00 



MULTIPLE DEPENDENT CLAIM(S) (if applicable) 



+ $270.00 



TOTAL OF ABOVE CALCULATIONS - 



I I Applicant claims small entity status. See 37 CFR 1.27. The fees indicated above 
are reduced by 1/2. 



SUBTOTAL = 



Processing fee of $130.00 for furnishing the English translation later than d|20 \Z\ 30 
months from the earliest claimed priority date (37 CFR 1.492(f)). + 



$ 



TOTAL NATIONAL FEE = 



Fee for recording the enclosed assignment (37 CFR 1.21(h)). The assignment must be 
accompanied by an appropriate cover sheet (37 CFR 3.28, 3.31). $40.00 per property + 



40.00 



TOTAL FEES ENCLOSED = 



$ ^? QQ.QQ 



Amount to be 
refunded* 



charged: 



,0 A check in the amount of 



to cover the above fees is enclosed. 



Please charge my Deposit Account No. in the amount of $ to cover the above fees. 

A duplicate copy of this sheet is enclosed. 

0 The Commissioner is hereby authorized to charge any additional fees which may be required, or credit any 
overpayment to Deposit Account No. jUHoj A duplicate copy of this sheet is enclosed. 



NOTE: Where an appropriate time limit under 37 CFR 1.494 or 1.495 has not been met, a petition to revive (37 CFR 
1.137(a) or (b)) must be filed and granted to restore the application to pending stat 



SEND ALL CORRESPONDENCE TO. 

Edward J. Kondracki 
MILES & STOCKBRIDGE P.C. 
1751 Pinnacle Drive, Suite 500 
McLean, VA 22102-3833 




SIGNATURE: 

Edward J . Kondracki 

NAME 



20, 604 
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IN THE UNITED STATES DESIGNATED/ELECTED OFFICE (D.O./E.O./US) 



Applicant: 

International 
Application No.: 

International 
Filing Date: 

U.S. Serial No.: 

U.S. Filing Date: 

For: 



Michel HAZARD 

PCT/FR00/01814 

29 June 2000 
To be Assigned 
February 28, 2001 

METHOD FOR MAKING SECURE A SENSITIVE 
INFORMATION PROCESSING IN A MONOLITHIC 
SECURITY MODULE, AND ASSOCIATED SECURITY 
MODULE 



McLean, Virginia 



PRELIMINARY AMENDMENT 



Honorable Commissioner of Patents 

and Trademarks 
Washington, D.C. 20231 

Sir: 

Please amend the subject application, filed concurrently herewith, as 
indicated below: 
IN THE TITLE: 

After "METHOD FOR", please delete "MAKING SECURE A SENSITIVE 
INFORMATION PROCESSING" and substitute -PROTECTING THE PROCESSING 
OF SENSITIVE INFORMATION-; 
IN THE SPECIFICATION : 

After the title and before the first paragraph on page 1 , insert the following 
heading at the left-hand margin: 
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- FIELD OF THE INVENTION -; 

Page 1 , at line 1 4, and before the paragraph beginning "The term 
monolithic...", insert the following heading at the left-hand margin: 
- BACKGROUND OF THE INVENTION --: 

Page 2, at line 21 , and before the paragraph beginning "The object of the ..." 
insert the following paragraph at the left-hand margin: 
- SUMMARY OF THE INVENTION -; 

Page 3, at line 13 and before the paragraph beginning "Other 
characteristics...", insert the following heading at the left hand margin: 
- BRIEF DESCRIPTION OF THE DRAWINGS- : 

Page 3, at line 27 and before the paragraph beginning "The wiring 
diagram...", insert the following heading at the left hand margin: 
- DESCRIPTION OF THE PREFERRED EMBODIMENTS -: 

Page 14, after the final paragraph, insert the following new paragraph: 
-While this invention has been described in conjunction with specific 
embodiments thereof, it is evident that many alternatives, modifications and 
variations will be apparent to those skilled in the art. Accordingly, the preferred 
embodiments of the invention as set forth herein, are intended to be illustrative, not 
limiting. Various changes may be made without departing from the true spirit and full 
scope of the invention as set forth herein and defined in the claims. — 

IN THE CLAIMS : 

Please cancel claims 1 - 19 in their entirety and without prejudice and 
substitute the following new claims: 
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1 -20. A method for protecting the processing of sensitive information in a 

2 security module having a monolithic structure, information processing means 

3 (31) and storage means for storing (32,33) information capable of being 

4 processed by said processing means, comprising the following steps: 

5 . selecting a piece of sensitive information stored in the storage means; 
5 . determining a specific condition for the integrity of said information; 

7 - reading the information and transmitting it to the processing means for 

8 processing; 

9 - processing the information and verifying during processing that the 

10 specific condition is satisfied; and 

11 - disabling processing of the information if the specific condition is not 

12 satisfied. 

1 21 . The method according to claim 20, wherein the information is an 

2 operation code read in the storage means (32, 33), the operation code being 

3 contained in a table having a content determined during the manufacture of the 

4 security module, and the specific condition for the integrity of the information 

5 being the value of the information is equal to one of several set values. 

1 22. The method according to claim 21 , wherein the operation code to 

2 be processed is coded in the form of data bits and said bits do not all have the 

3 same binary value. 

1 23. The method according to claim 20, wherein the specific step of 



2 determining the condition for the integrity of said information comprises checking 

3 a calculated or first piece of integrity data using the information read in the 

4 storage means (32, 33) during the reading of the information and transmitting the 

5 first piece of integrity data to the processing means, and calculating a second 

6 piece of integrity data by the processing means from the information received 

7 and checking for equality between the first and second pieces of integrity data. 

TYSO0V9129763v0lT2146-906817l02\14\01 3 
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1 24. The method according to claim 23, wherein the first piece of 

2 integrity data is calculated from at least one piece of calculation data whose 

3 value varies as a function of time. 

1 25. The method according to claim 23, wherein the first piece of 

2 integrity data is calculated from at least one piece of calculation data whose 

3 value varies randomly. 

1 26. The method according to claim 20, wherein the disabling of the 

2 processing of the information is performed by a microprogrammed instruction. 

1 27. The method according to claim 26, wherein the microprogrammed 

2 instruction performs the following steps: 

3 - writing a piece of disable data into a nonvolatile location of the storage 

4 means (32, 33); and 

5 - disabling the processing of the information. 

1 28. The method according to claim 27 further comprising reading by 

2 the processing means (31) a nonvolatile location of the storage means (32, 33) 

3 upon power up of said module and disabling the module if a value read at this 

4 location does not match. 

1 29. A security module comprising an electronic circuit having a 

2 monolithic structure and comprising information processing means (31) and 

3 information storage means (32, 33), means for extracting information from the 

4 storage means and means for selecting information to be processed, the 

5 processing means further comprising means for verifying a specific integrity 

6 condition of a piece of sensitive information, and means for disabling the 

7 processing of the information, said means for disabling being activated when the 

8 means for verification have detected that the specific condition is not satisfied. 
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1 30. A security module according to claim 29, wherein the processing 

2 means (31) execute instructions corresponding to operation codes extracted 

3 from a table, characterized in that the table comprises a forbidden instruction 

4 value. 

1 31 . A security module according to claim 30, wherein the operation 

2 code to be processed is coded in the form of data bits, the security module 

3 comprising a means for reading the values of all the bits and a disabling means 

4 activated when the values of the bits are all identical. 

1 32. A security module according to claim 29, wherein the processing 

2 means (31) execute instructions corresponding to operation codes extracted 

3 from a table, the security module comprising a means for reading an operation 

4 code and a disabling means activated during the reading of a forbidden 

5 operation code. 

1 33. A security module according to claim 32, wherein the disabling 

2 means comprise a means for irreversibly writing an indicator into the storage 

3 means (32, 33), and a means for reading said indicator during the next power-up 

4 of the module. 

1 34. A security module according to claim 29, comprising parity 

2 generators (7, 8) cooperating with the storage means, parity generators (11) 

3 cooperating with the processing means, and a comparator connected to each of 

4 the parity generators and capable of inducing an interrupt in the processing 

5 means. 

1 35. A security module according to claim 34, wherein the operation of 

2 the parity generators (7, 8) varies as a function of time. 

1 36. A security module according to claim 34, wherein the operation of 

TYSO01 :91 29763v0IT21 46-90681 7102X1 4\01 ET 
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2 the parity generators (7, 8) varies randomly. 

1 37 A security module according to claim 33, characterized in that the 

2 irreversible writing of the indicator into the storage means (32, 33) is performed 

3 by executing a microprogrammed instruction. 

1 38. A security module according to claim 29, characterized in that the 

2 security module is a microcircuit card.-- 



TYSO01:9129763v0IT21 46-90681 7I02\14\01 



6 



T21 46-906833-US3830/BC(PCT) 

IN THE ABSTRACT: 

Please cancel the Abstract at page 1 8 and substitute the following Abstract. 
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- ABSTRACT 

The invention relates to a method and associated security module for 
protecting the processing of sensitive information in a security module with a 
monolithic structure, the module comprising information processing means (9) and 
5 means for storing (3, 4) information capable of being processed by said processing 
means. The method comprises the following steps: 

- selecting a piece of sensitive information in the storage means; 

- determining (7) a specific condition for the integrity of said information; 

- reading the information and transmitting (1) it to the processing means; 
10 - verifying (11) during the processing of the information that the specific 

condition is satisfied; and 

- disabling the processing of the information if the specific condition is not 
satisfied.-- 
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REMARKS 

This Preliminary Amendment is filed to insert headings to conform the 
application to U.S. practice and to correct informalities in the specification, claims 
and abstract resulting from a literal translation of the French text. 
Early action on the merits is earnestly solicited. 

Respectfully submitted, 
MILES & STOCKBRIDGE P.C. 



Date: February 28. 2001 




1751 Pinnacle Drive - Suite 500 
McLean, VA 22102-3833 
Tel.: 703/903-9000 
Fax: 703/610-8686 
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T21 46-906833-US3830/BC(PCT) 
IN THE UNITED STATES DESIGNATED/ELECTED OFFICE (D.O./E.O./US) 

Applicant: 



International 
Application No.: 

International 
Filing Date: 

U.S. Serial No.: 

U.S. Filing Date: 

For: 



Michel HAZARD 

PCT/FR00/01814 

29 June 2000 
To be Assigned 
February 28, 2001 

METHOD FOR MAKING SECURE A SENSITIVE 
INFORMATION PROCESSING IN A MONOLITHIC 
SECURITY MODULE, AND ASSOCIATED SECURITY 
MODULE 

McLean, Virginia 

PROPOSED DRAWING CORRECTIONS 

Hon. Commissioner of Patents and Trademarks 
Washington, D.C. 20231 

Sir: 

Applicant requests approval of the drawing corrections on Figs. 1 - 7 as 
shown in red on the attached seven (7) sheets. 

The proposed corrections only comprise translating the French terms into 
English and removing the headings "1/7" - "7/7" to conform the drawings to U.S. 
practice. 
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Date: February 28.2001 



1751 Pinnacle Drive - Suite 500 
McLean, VA 22102-3833 
Tel.: 703/903-9000 
Fax: 703/610-8686 



Respectfully submitted, 
MILES & STOCKBRIDGE P.C. 




Edward J. Kondracki 
Registration No. 20,604 
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METHOD FOR MAJO>^ECIJRE A SE^ITVEjNTO^ ATION 
PROCE SSING IN A MONOLITH IC-SEC URITY MODULE ^^ 

SECURITTMODULE 

5 The present invention relates to a method and a device for increasing the security 

of a monolithic security module comprising a microprocessor and designed to execute a 
program to be protected. A program to be protected is a set of instructions whose 
execution must meet criteria such as: authentication of the user, confidentiality of the data 
exchanged, authenticity and validity of a transaction, and generally, application data 

10 processing in which a user's rights and obligations are controlled. The object of the 
present invention is to provide the security module with means for detecting and 
counteracting fraudulent external interventions for accessing sensitive data by 
circumventing intrinsically known prior controls. 

The term monolithic "security module" covers any electronic circuit constituted 

15 by a single silicon chip and encased in a container, the circuit comprising a central 

processor, at least one memory, and peripherals such as input/output circuits, interrupt 
controllers, etc. The security module can take the form of an integrated circuit or a 
portable object of the chip-card type used, for example, in the banking field, in mobile 
radiotelephones, pay television decoders, health, transportation, etc. 

20 The security modules according to the invention include at least one 

microprocessor, a memory containing a program and input/output means for 
communicating with the outside. The memory contains at least one application program 
that can be written into a memory of the ROM type during the manufacture of the circuit 
or subsequently written into a programmable memory. Generally, the program contains 

25 the instructions executed by the microprocessor, the instructions being transferred from 
the ROM or nonvolatile memory to the microprocessor through a data bus coupled with 
an address bus. If the bus paths are too long, the manufacturer of the circuit places 
amplifier circuits at the ends of the buses so that the binary signal is correctly propagated 
along its entire length. 

30 Amplifier circuits require high input impedance, which makes them susceptible to 

external interference. When subjected to elementary particle radiation, they can be 



saturated for a certain amount of time, and no matter what the incoming data, emit only 0 
volt or +Vcc through the bus, i.e. a binary "0" or "1." This radiation may be constituted 
by alpha rays, X-rays, or positively or negatively charged ions depending on whether an 
output of "0" or "1" from the amplifier is desired. 

5 A hacker in possession of an authentic card may try to evade the security devices 

in order to misuse services: he will then subject the security module to such radiation, 
hoping to interfere with its operation to his advantage. The emission source can be short 
enough to interfere with the execution of only one or several instructions. This 
interference can replace the value read in the memory of the program with another value 

10 imposed by the emission of the radiation. Thus, the program flow is different and the 
hacker can use this to his advantage. 

A first way to counteract this type of attack is to install radiation sensors; as soon 
as these sensors detect any abnormal radiation, they set a flag that can be read by the 
program. Such a solution is described in US patent 5.465.349, the American equivalent of 

15 French patent 2 688 274. But hackers have improved the means of investigation and are 
using emitters of extremely fine radiation. By aiming the radiation only at the amplifiers 
or at a group of amplifiers, the sensors no longer detect the fraud. No matter what, this 
counterattack is incapable of detecting an intervention by means of micropoints, and in 
any case it is possible to disturb the sensors' read sequence so that the program runs as 

20 though nothing abnormal has been detected. 

The object of the invention is to detect alterations in the transmission of the 
instructions and the data between a memory and a microprocessor. The problem that the 
invention seeks to solve is the detection of an external intervention attempting to interfere 
with the flow of a program by modifying the value of the signals exchanged through the 

25 busses of a microcontroller. 

This problem is solved according to the invention by providing for measurements 
that allow the security modules to verify whether the information is flowing properly 
through the module and whether the programs have been fully executed. If not, the 
normal execution of the program is interrupted. Optionally, any further utilization of the 

30 module is prohibited, because the module has detected that it is being used illicitly. 
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More precisely, the invention claims a method for protecting the processing of 
sensitive information in a security module with a monolithic structure, the module 
comprising information processing means and means for storing information capable of 
being processed by said processing means, characterized in that it comprises the 
5 following steps: 

- selecting a piece of sensitive information in the storage means; 

- determining a specific condition for the integrity of said information; 

- reading the information and transmitting it to the processing means; 

- verifying during the processing of the information that the specific condition is 
10 satisfied; 

- disabling the processing of the information if the specific condition is not 
satisfied. 

Other characteristics and advantages of the present invention will emerge during 
the following description of several preferred but non-limiting embodiments, in reference 
1 5 to the attached drawings, in which: 

Fig. 1 represents the diagram of a conventional microprocessor system. 

Fig. 2 shows the instruction set of the MOTOROLA 6805 processor. 

Fig. 3 shows the modified instruction set of the microprocessor according to the 
invention. 

20 Fig. 4 shows a block diagram of the modified circuit according to the invention. 

Fig. 5 shows a part of the block diagram of the modified circuit according to an 
improvement of the invention. 

Fig. 6 shows a part of the program memory, equipped with steps for updating and 
modifying an indicator that makes it possible to detect external interference. 
25 Fig. 7 shows a part of the program memory according to a variant of the 

invention. 

The wiring diagram of a microprocessor system is represented in Fig. 1. This 
diagram is extracted from the book Architecture de VOrdinateur {Computer Architecture) 
by Andrew Tanenbaum, published by InterEditions. The system comprises, in an 
30 intrinsically known way, the following elements: a microprocessor 31, a RAM 32, a 
program memory EEPROM 33 containing the executable program, and input/output 



means 34. The these various elements are connected by two busses, the address bus 35 
and the data bus 36. It is customary to refer to the bus that carries the set of signals such 
as the clock signals, the read and write signals, etc., as the "control bus/' 

Depending on the operation executed, these elements can be in information 
receiving mode or information sending mode. When the microprocessor reads an 
instruction in a byte at a certain address, the eight cells of the ROM constituting the byte 
corresponding to this address send the value written in the cells through the data bus, 
which transmits them to the microprocessor, the latter being in receiving mode. 
Conversely, when the microprocessor sends a piece of data to the memory, the data bus is 
in the sending mode. The internal operation of the component is detailed in US patent 
4.382.279, the American equivalent of French patent 2 461 301. 

Each microprocessor has a specific instruction set. The MOTOROLA 6805 
microprocessor processes eight-bit data internally. Its data bus comprises 8 lines and the 
operation code of its instructions is coded into 8 bits. For example, the instruction set of 
the M6805 and M 1468805 microprocessors, extracted from the documentation 
"Microcomputer/Microprocessor User's Manual" is represented in Fig. 2. An instruction 
for this type of microprocessor is coded into 8 bits, hence there are 256 different codes, 
but not all of them are executable by the microprocessor. Certain codes are not 
implemented and correspond to holes in the table of Fig. 2, for example the codes: 90H, 
31H, 41H, 51H, 61H, 71H, 91H, 23H, 24H, 25H, 26H, 27H, 28H 29H, 93H, 94H, etc. If 
the microprocessor reads an operation code that is not implemented, its execution is not 
guaranteed. Thus, the microprocessor can jump to the next instruction without doing 
anything else. 

As may be seen in Fig. 2, the code "00" of the instruction set of the MOTOROLA 
6805 microprocessor corresponds to the instruction "BRSET0" and the code "FF" 
corresponds to the indexed instruction M STX". The instruction "BRSET0" takes up three 
bytes in the program memory and is executed in ten clock cycles; the instruction "STX" 
takes up one byte and is executed in five clock cycles. The microprocessor has a ordinal 
counter containing the address of the instruction in the program memory that is currently 
being executed. As stated in the preamble, if a hacker sends radiation through the bus, 
one or another of these instructions will be executed instead of the one actually read in 



the program memory. In the case of the instruction "BRSETO", after its execution, the 
ordinal counter of the microprocessor is increased by three units and hence points three 
bytes further ahead in the program memory. For the instruction "STX", the ordinal 
counter is increased by one unit. By emitting the radiation during the ten clock strokes 
5 required for the execution of BRSETO, the microprocessor will read three bytes at "OCT, 
and translate this into "test whether the bit 0 of the byte 00 is at 1 and jump if that is the 
case". Because of the radiation, the value 00 of the byte at the address 00 is read, so the 
jump does not happen and the program continues with the next instruction. Thus, by 
subjecting the circuit to radiation for a certain number of clock pulses, a hacker can 
10 artificially advance the ordinal counter in successive three-byte jumps, and prevent the 
execution of a sequence written in program memory. For a microprocessor from the 8051 
family produced by the INTEL company and various other companies, the operation code 
whose binary value is 00 corresponds to the instruction NOP, which means "no 
operation." This instruction uses only one byte. In this case, the hacker can artificially 
15 advance the ordinal counter byte by byte. 

A first solution consists of interrupting the normal operation of the 
microprocessor during the reading of an instruction whose code is "00" or "FF". The 
module becomes mute; just one power-down followed by one power-up of the module 
can restart the microprocessor. Fig. 3 shows the modified instruction set according to the 
20 invention. The new instruction corresponding to "00" or "FF" is called "FRAUD", 

abbreviated FRY). Compared to the normal instruction set described in Fig. 2, some of the 
columns have been inverted so that the codes "00" and "FF" no longer correspond to 
executable instructions. Column number "0", which contained the instruction "BRSETO" 
is transferred to column 2; column number "F" which contained the instruction "STX" is 
25 transferred to column A. The columns are transferred by modifying the mask of the 

circuit, in the element that decodes the four most significant bits of the operation code of 
the instructions. It would also be possible to modify the decoding of the four least 
significant bits of the operation code, but it wasn't necessary for this microprocessor 
model. 
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The program does not contain a "FRAUD" instruction. The progammer who 
writes an application program is careful not to implement such instructions in his 
program. 

As shown in Fig. 3, the solution can be generalized to all of the operation codes 
5 that do not correspond to an instruction recognizable by the microprocessor. Thus, the 
new "FRAUD" instruction is assigned to all the codes not used, such as: 01H, 02H, 03H, 
04H, 05H, 06H, OEH, 12H, 14H, 15H, 16H, 17H, 18H, 19H, 1 AH, and so on up to FFH 
• 47 different operation codes in all, all of which execute the same "FRAUD" 
instruction. 

10 In a variant, this interruption triggers an instruction microprogrammed into the 

microprocessor. This type of instruction executes a non-reversible instruction of the type 
for writing a code into nonvolatile memory. When the next power-up occurs, the reset 
management circuit tests the value of this code in nonvolatile memory and disables the 
operation of the microprocessor. The microprogrammed instruction triggers an operation 
15 for definitively disabling the circuit. Microprogrammed instructions have the advantage 
of being resident in the heart of the microprocessor and hence their execution cannot be 
interrupted or altered by radiation acting on the bus. It is therefore impossible to detect 
the execution of a microprogrammed disable instruction. 

A second solution for detecting the disturbance of a piece of data in a bus is to 
20 implement an integrity check from one end of the busses to the other. Fig. 4 shows the 
wiring diagram with its bus integrity controller. 

Added to the eight lines of the data bus 1 is a ninth line, marked PARITY 2, 
whose logical state corresponds to the parity value calculated from the eight pieces of 
binary information present in the data bus. As stated above, the operation codes of the 
25 various instructions of a program are read from the ROM 3 or from nonvolatile 

programmable memory 4, EEPROM for example. The signal output from a memory cell, 
whose value represents the binary data stored by this cell, is too weak to reach the 
microprocessor via the data bus. In order for these signals to reach the microprocessor, 
amplifier circuits 5 and 6 are installed just after the cells of the memories EEPROM and 
30 ROM and before the bus. These two circuits have a control input E that makes it possible 
to activate their output. If the signal E has a level "1," the eight outputs are not active. 

6 



They are in a state of high impedance. The EEPROM being read-and write-accessible, 
the amplifier circuit 5 is two-way. The direction of the data transfers is controlled by the 
microprocessor through the READ/WRITE control line 18. 

The means for checking the integrity of the data read in the memory cells 
comprise parity generators 7, 8 and 1 1, a comparator 12 and a non-maskable interrupt 
input called "NMF connected to the microprocessor. The parity generators 7, 8 and 11 
calculate the parity value of the data present in eight inputs. For example, the circuit 
74HC280 manufactured by National Semiconductor is a parity generator available in the 
form of an integrated circuit. Its structure can be fully integrated into the monolithic 
circuit. The parity generators also have an output line Q whose state represents the parity 
value of the data applied to the eight inputs and a control line E that activates the output 
Q when 0 volt is applied to it. In this case, the output line Q is at 0 volt if the number of 
inputs at +Vcc is even, or at +Vcc if the number of intputs at +Vcc is odd. When +Vcc is 
applied to the input E, the output line Q is in a state of high impedance. The parity 
generator 7 calculates the parity of the data selected in the EEPROM, the parity generator 
8 calculates the parity of the data selected in the ROM and the parity generator 1 1 
calculates that present in the microprocessor. 

The microprocessor 9 also has an amplifier circuit 10 for ensuring the 
compatibility of the signals flowing through the data, address and control busses. This 
amplifier circuit connected to the data bus 10 is two-way; on one end, it amplifies the 
data signals that the microprocessor sends to the memories and to the peripherals; on the 
other end it amplifies the signals received by these same memories and peripherals so that 
the signals are correctly processed by the internal circuits of the microprocessor. Most 
microprocessors have a "fetch" device that makes it possible, in the same clock cycle, to 
execute an instruction and to read the operation code of the next instruction. 

The microprocessor 9 controls the address bus; the value applied to this bus 
determines which type of peripheral is selected. In order to reduce the number of 
selection lines, an address decoder 13 receives the address bus in an input and selects the 
various peripherals and memories through specialized lines: the line called "EEPROM" 
selects the EEPROM and the line "ROM" selects the ROM. Each of these two lines is 
connected to the memory and to the corresponding parity generator. 



The lines EEPROM and ROM are active in the 0 state. The output of the AND 
gate 14 generates a selection signal common to both memories; if one of the two lines 
EEPROM and ROM is at "0 M , the line 15 is also at "0". The line 15 is connected to the 
input E of the parity generator 1 1 which, as a result, is active at the same time as one of 
5 the parity generators 7 or 8. If no memory is selected, the output lines 2 and 16 of the 

generators are in the high impedance state. The output lines 2 and 16 of the generators are 
respectively connected to each of the two inputs of the comparator 12. The output Q of 
the comparator is connected to an interrupt input of the microprocessor (marked "NMI" 
in Fig. 4). 

10 When in use, the microprocessor reads an operation code representing an 

instruction in the ROM. It applies the address of the code to the address bus, which 
activates the line ROM, and consequently the amplifiers 6 and the parity generators 8 and 
1 1 . The amplifiers send the data read in the ROM to the data bus, and the parity generator 
calculates the parity value of said data, then sends the value to the comparitor 12 through 

15 the PARITY line 2. The microprocessor reads the data through the two-way amplifiers 
10. The parity generator 11, activated by the line 15, calculates the parity value of the 
data read by the microprocessor and sends it to the comparator through the line 16. The 
comparator 12 compares the two values: if they are equal, the output is at the level 11 1"; if 
they are different, the output is at "0". In the latter case, the data has been altered, very 

20 likely due to a fraudulent emission of radiation. The output of the comparator is 

connected by the line 17 to the input "NMI" of the microprocessor. A "0" level triggers a 
non-maskable interrupt, which results in a redirection of the current program to an 
interrupt routine. The activation of the comparator can take place during the fetch phase; 
thus the generation of the interrupt is perfectly synchronized with the sequencing clock of 

25 the microprocessor. 

The operation is identical when the microprocessor performs a read of the 
EEPROM. 

In a simplified embodiment of the invention, the input "NMI" is similar to the 
RESET input of the microprocessor. When the input becomes inactive again, the 
30 microprocessor is enabled and starts its program in the same way as during a power-up. 



8 



Thus, an external intervention cannot control the microprocessor which, as long as it is 
subjected to this radiation, is disabled. 

Compared to the first solution, which seeks to verify that an operation code is 
correctly read, this second solution offers the advantage of controlling any data type: 

5 operation code or data. Parity generators can also be installed in the address bus in the 
same way as in the data bus. This second solution also offers the advantage of controlling 
the signals of the address bus. 

In a variant, a level "0" in the "NMI" input triggers the execution of a 
microprogram. In order to prevent transient phenomena, the recognition of the level of 

10 the signal in the "NMI" input takes place during a transition of the clock of the 
microprocessor, a transition during which the data analyzed by the parity signal 
comparator is valid. The operation of a conventional interrupt handling program written 
into the ROM would be disturbed by the hacker. According to the invention, on the other 
hand, a microprogram is resident in the microprocessor; it does not read data through the 

15 bus; therefore its execution cannot be disturbed by radiation acting on the bus. The 

microprogram, triggered by the application of a level "0" to the "NMI" input, produces 
two actions: the first is the writing of a flag called "DISABLED" into the programmable 
nonvolatile memory, and the second is a resetting of the microprocessor. The writing of 
the flag DISABLED is irreversible: the state of this flag can no longer be modified, either 

20 by the microprocessor or by an external means. An initialization circuit, activated when 
the security module is powered up, tests the state of the flag DISABLED and sets the 
microprocessor to a permanent RESET state if the flag has been written. Advantageously, 
this flag can be embodied by a fuse, the melting of which renders the microprocessor 
unusable. 

25 If a hacker imposes a level "0" on all the lines of the bus, including the PARITY 

line, the comparator 12 does not detect any error. In essence, the number of lines at "0" 
being even, the parity signal must be at "0"; the PARITY line is forced to exactly that 
level. In order to prevent this, according to a variant of the second solution, one uses the 
fact that parity generators generally have two outputs, one for generating an even parity, 

30 the other for generating an odd parity. 
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Fig. 5 shows the wiring diagram of the modifications to be made to Fig. 4 in order 
to integrate programmable parity generator circuits into the monolithic circuit. The 
elements common to Fig. 4 and Fig. 5 have the same references. 

The parity generators 7a, 8a and 11a have two outputs: the one marked Qp is the 

5 output for the even parity signal, and the other Qi is the output for the odd parity signal. 
When the number of input lines at "1" is even, then Qp is at "1" and Qi is at "0"; when the 
number of input lines at "1" is odd, then Qi is at "1" and Qp is at "0". The circuits 20 and 
21, each constituted by two AND gates, one OR gate and one inverter gate, constitute 
multiplexers. The two inputs of the multiplexers are respectively connected to the two 

10 outputs Qi and Qp of the parity generators. A control line marked 23 selects the input. If 
the line 23 is at "0", the outputs of the gates 20c and 21c are at "0", and with the help of 
the inverter gates 20b and 20c, the outputs of the gates 20a and 21a as well as those of the 
gates 20d and 21d reproduce the logical levels of the outputs Qi of the parity generators 
7a, 1 la. In this case, the outputs Qi are selected and the data present in the outputs Qi are 

15 sent to the comparator 12. It is the odd parity signals that are compared. If the line 23 is at 
"1", with the help of the inverter gates 20b and 20c, the outputs of the gates 20a and 21a 
are at "0", the outputs of the gates 20c and 21c, as well as those of the gates 20d and 2 Id, 
reproduce the logical levels of the outputs Qp of the parity generators 7a and 1 la. In the 
latter case, the outputs Qp are selected and the data present in the outputs Qp are sent to 

20 the comparator 12. It is the even parity signals that are compared. 

The signals of the line 23 are sent by a random signal generator 22. This generator 
is an electronic circuit that receives through an input line the clock of the microprocessor 
and delivers a signal "0" and "1" randomly over time. In a simplified way, the random 
signal generator can be a counter whose output changes its state at each predetermined 

25 time interval. The random signal generator 22, the multiplexer 21 and the comparator 12 
are located as close as possible to the microprocessor, and preferably integrated into the 
latter. Thus, they are not very disturbed by a hacker sending radiation through the bus. 
More complicated circuits using an oscillator inside the random signal generator can be 
installed. The purpose of this generator is to emit a logical signal through a line whose 

30 state changes fairly often, on the order of 100 to 10,000 times per second. It is important 
to synchronize the line's changes of state with the clock of the microprocessor, in order to 



avoid accepting the "NMF line at the precise moment when the signal of line 23 changes; 
otherwise interference could be produced due to differences in the propagation of the 
signals. 

During use, the hacker subjects the data bus to radiation, which forces the data 
and parity bits to "1" or to "0". Depending on the binary value, the parity value calculated 
from the data bits forced by the radiation can be equal to the value forced by the 
radiation; hence, since they are equal, no error is detected. By frequently changing the 
parity type by means of the random signal generator, the presence of the radiation is 
detected immediately. 

When the random signal generator 22 emits a level "0", the signals emitted by the 
outputs Qi of the parity generators 7a and 1 la are selected and hence, the parity signals of 
the odd type are compared. When the random signal generator 22 emits a level "1", the 
signals emitted by the outputs Qp of the parity generators 7a and 1 la are selected and 
hence, the parity signals of the even type are compared. 

Let us distinguish, first of all, the case where the bus is subjected to a radiation 
that forces the lines of the data and parity busses 2a to " 1 ,r . When the random signal 
generator 22 sends a signal "0", the output Qi of the parity generator 1 1 is selected, and 
its level, equal to "0", is different from that of the parity line 2a, which is forced to "1". 
The comparator therefore easily detects this type of radiation, triggering an interrupt. 
Let's go to the second case, where the bus is subjected to a radiation that forces the lines 
of the data and parity busses 2a to "0". When the random signal generator 22 sends a 
signal "1", the output Qp of the parity generator 1 1 is selected, and its level, equal to "1", 
is different from that of the parity line 2a, which is forced to "0". In this case, too, the 
comparator detects the radiation, and signals it to the microprocessor through an 
interrupt. 

This variant adds a paramater that makes the behavor of the circuit even more 
unpredictable for a hacker, since this parameter increases the difficulty of controlling the 
state of the bus lines from the outside without the circuit's detecting it. 

A third solution for detecting an alteration in the execution of a program is to 
implement flag modification routines from place to place within a program to be 
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protected, and to verify prior to starting an operation on the sensitive data that all the 
flags have been modified. 

Fig. 6 shows a part of the memory containing a program implemented at the 
hexadecimal address 0800. This memory can be the ROM or the EEPROM, but any other 
type of nonvolatile memory capable of executing instructions will work. All the flags are 
represented by bits and grouped in memory into an indicator. In the example described, 
this indicator is a byte of the RAM called FLAG. A certain number of bits composing 
this byte are used to mark the passage to certain steps in the program that lead to an 
operation on sensitive data. 

At the address 800 (step 1), the FLAG byte is set to the binary value "0000 0001", 
the first bit at "1" indicating that step 1 has been executed. At the address 880H 9step 2) 
the FLAG byte is read and modified by the execution of a logical OR (the ORA 
instruction in MOTOROLA 6805) between its current content and the binary value "0000 
0010": the result of the OR operation is written into the FLAG byte. At the address 8A0H 
(step 3), the FLAG byte is read and modified by the execution of a logical OR between 
its content and the binary value "0000 0100"; the result of the OR operation is written 
into the FLAG byte. Finally, at the address 900H (step 4), the protected part of the 
program ends: the FLAG byte is read and checked: if its value is different from the binary 
value "0001 01 11 the program jumps to a fraud handling routine. 

In use, the program to be protected begins at the address 0800H. The first step 
(step 1) consists of updating the FLAG byte by setting the first bit of the FLAG byte to 
"1". Then, the program continues in sequence up to a second, so-called modification step 
(step 2) in which the second bit of the FLAG byte is set, thus indicating that step 2 has 
been executed. Consequently, we can assume that all the instructions of the program 
between step 1 and step 2 have been executed. Then, the program continues in sequence 
up to the modification step 3, where the third bit of FLAG is set to "1". Finally, the 
program to be protected ends in a routine for testing the FLAG byte (step 4): it consists of 
verifying the execution of steps 1, 2 and 3. If the value is different from "0000 0111", a 
trap of the program occurs, which reveals an abnormal operation, very likely resulting 
from an attempted fraud. In this case, the program interrupts its normal operation to jump 
to the fraud handling routine. Since a hacker does not know the places in the program 

12 



where the routines for modifying the FLAG byte are implemented, he does not know the 
moments at which they are executed, and therefore, by interfering with the values of the 
data bus, there is a strong probability that he will succeed in eliminating the execution of 
at least one of steps 1, 2 or 3, and hence the FLAG byte will not have the expected final 
5 value. 

In a simplified way, the fraud handling routine can consist in a reset of the 
microprocessor (RESET). An improvement consists of using a microprogrammed 
instruction for step 4 so that a hacker cannot interfere with its flow by preventing the 
execution of certain instructions while allowing others. This instruction has the following 
10 structure: "Operation code, Address to be read, Value to be compared": it sequentially 
executes the following functions: 

1 reading the "Address" byte 

2 comparing the value of the byte read to "Value" 

3 if equal, then jumping to the next instruction 

15 otherwise 4 writing the flag DISABLED into nonvolatile memory 

5 RESET of the microprocessor 

Quite clearly, by increasing the number of flags and hence the number of steps for 
updating the indicator, one increases the moments at which external interference is 

20 detected. The FLAG indicator must therefore be represented by several bytes. But the 
steps for updating the indicator take up memory space that cannot be used for the 
application program, both at the level of the program and at the level of the RAM. It is 
therefore necessary to optimise the number of steps. For example, for a 1000-byte 
program to be protected, a good compromise would be to install 32 steps for modifying 

25 the indicator. These 32 steps and the final test routine take up 162 bytes of program 

memory and 4 bytes of RAM. Depending on the complexity of the program, which may 
include jumps and may not perform all of the modification steps, the test of the FLAG 
byte may involve only a limited number of bits. If the program to be protected ends at 
different places, several test routines that include different values of the FLAG byte can 

30 be installed in the program. 
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This solution has the advantage of being easy to use in a conventional component 
because it does not involve modifying the hardware portion of the component. 

An improvement of the invention consists of implementing in the program 
instructions for erasing the FLAG byte in places that are normally never reached during 

5 the execution of the program. Thus, a fraudulent interference with the execution of the 
program can result in the execution of one of these instructions, which, by setting the 
FLAG byte to 00, results in the execution of the fraud handling routine. 

Fig. 7 shows the appearance of the program memory according to the 
improvement. At the address 0890H (step 2a), the program executes an unconditional 

10 jump instruction. The instruction at the next address is therefore never executed, unless 
another jump instruction specifies it as a destination. The programmer writes an 
instruction for erasing the FLAG byte just after the unconditional jump instruction, and is 
careful never to specifiy it as a destination in his program. If a hacker disturbs the data 
bus, there is a certain level of probability that an unconditional jump instruction will not 

15 be executed and that this erase instruction will. This instruction sets all the bits of the 
FLAG byte to "0". During the final test in step 5, bits 1 and 2 of FLAG are at "0", and 
hence the value read is not the one expected. The program therefore interrupts its normal 
operation to jump to the fraud handling routine. 

The program illustrated by Fig. 7 shows two steps for erasing the FLAG byte 

20 (steps 2a and 3a). The erase instruction takes up only two bytes in program memory, as 
opposed to four bytes for the steps for updating the indicator, which at an equal level of 
performance saves space. An optimal program uses fairly few unconditional jump 
instructions. It is therefore possible to systematically place an erase instruction after an 
uncondtional jump. 
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CLAIMS 



1 1. Method for protecting the processing of sensitive information in a security 

2 module with a monolithic structure, the module comprising information processing 

3 means (31) and means for storing (32,33) information capable of being processed by said 

4 processing means, characterized in that it comprises the following steps: 

5 - selecting a piece of sensitive information in the storage means; 

6 - determining a specific condition for the integrity of said information; 

7 - reading the information and transmitting it to the processing means; 

8 - verifying during the processing of the information that the specific condition is 

9 satisfied; 

10 - disabling the processing of the information if the specific condition is not 

1 1 satisfied. 

1 2. Method according to claim 1, wherein the information is an operation code 

2 read in the storage means (32, 33), all of the operation codes being contained in a table 

3 having a content determined during the manufacture of the security module, and the 

4 specific integrity condition is the fact that the value of the information is equal to one of 

5 several set values. 

1 3. Method according to claim 2, wherein the operation code to be processed 

2 is coded in the form of data bits and said bits do not all have the same binary value. 

1 4. Method according to claim 1, wherein the specific integrity condition 

2 consists of checking a calculated piece of integrity data using the information read in the 

3 storage means (32, 33), the integrity data being calculated during the reading of the 

4 information and being transmitted to the processing means, the processing means 

5 calculating another piece of integrity data from the information received and checking for 

6 equality between the two integrity data. 
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1 5. Method according to claim 4, wherein the integrity data are calculated 

2 from at least one piece of calculation data whose value varies as a function of time. 

1 6. Method according to claim 4, wherein the integrity data are calculated 

2 from at least one piece of calculation data whose value varies randomly. 

1 7. Method according to claim 1, wherein the disabling of the processing of 

2 the information is performed by a microprogrammed instruction. 

1 8. Method according to claim 7, wherein the microprogrammed instruction 

2 performs the following steps: 

3 - writing a piece of disable data into a nonvolatile location of the storage means 

4 (32, 33); 

5 - disabling the processing of the information. 

1 9. Method according to claim 8 wherein, at the power-up of the module, a 

2 nonvolatile location of the storage means (32, 33) is read by the processing means (31), 

3 and the module is disabled if a value read at this location does not match. 

1 10. Security module constituted by an electronic circuit with a monolithic 

2 structure and comprising information processing means (31) and information storage 

3 means (32, 33), the processing means selecting information extracted from the storage 

4 means in order to process it, characterized in that the processing means comprise means 

5 for verifying a specific integrity condition of a piece of sensitive information, and means 

6 for disabling the processing of the information, said disabling means being activated 

7 when the verification means have detected that the specific condition is not satisfied. 

1 11. Security module according to claim 10, wherein the processing means (3 1) 

2 execute instructions corresponding to operation codes extracted from a table, 

3 characterized in that the table comprises a forbidden instruction value. 
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1 12. Security module according to claim 11, wherein the operation code to be 

2 processed is coded in the form of data bits, the security module comprising a means for 

3 reading the values of all the bits and a disabling means activated when the values of the 

4 bits are all identical. 

1 13. Security module according to claim 10, wherein the processing means (31) 

2 execute instructions corresponding to operation codes extracted from a table, the security 

3 module comprising a means for reading an operation code and a disabling means 

4 activated during the reading of a forbidden operation code. 

1 14. Security module according to claim 13, wherein the disabling means 

2 comprise a means for irreversibly writing an indicator into the storage means (32, 33), 

3 and a means for reading said indicator during the next power-up of the module. 

1 15. Security module according to claim 10, comprising parity generators (7, 8) 

2 cooperating with the storage means, parity generators (11) cooperating with the 

3 processing means, and a comparator connected to each of the parity generators and 

4 capable of inducing an interrupt in the processing means. 

1 16. Security module according to claim 15, wherein the operation of the parity 

2 generators (7, 8) varies as a function of time. 

1 17. Security module according to claim 15, wherein the operation of the parity 

2 generators (7, 8) varies randomly. 

1 18 Security module according to claim 14, characterized in that the 

2 irreversible writing of the indicator into the storage means (32, 33) is performed by 

3 executing a microprogrammed instruction. 

1 19. Security module according to claim 10, characterized in that the security 

2 module is a microcircuit card. 

17 



ABSTRACT 



METHOD FOR MAKING SECURE A SENSITVE INFORMATION 
PROCESSING IN A MONOLITHIC SECURITY MODULE, AND ASSOCIATED 

SECURITY MODULE 

The invention relates to a method for protecting the processing of sensitive 
information in a security module with a monolithic structure, the module comprising 
information processing means (9) and means for storing (3, 4) information capable of 
being processed by said processing means, characterized in that it comprises the 
following steps: 

- selecting a piece of sensitive information in the storage means; 

- determining (7) a specific condition for the integrity of said information; 

- reading the information and transmitting (1) it to the processing means; 

- verifying (11) during the processing of the information that the specific 
condition is satisfied; 

- disabling the processing of the information if the specific condition is not 
satisfied. 

The invention also relates to the associated security module. 

Fig. 4 
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Mon nom, mon domicile, mon adresse postale, ma nationaiite 
sont ceux qui figurent c;-aores, 



My residence, post office address and citizenship are as stated 
below next to my name. 



Je declare que je crois etre t'inventeur original, premier et 
unique (si un seui nom figure sur ie present acte) ou un des 
co-inventeurs, originaux et premiers (si plusieurs noms fi- 
gurent sur le present acte) du sujet revendique et pour iiquel 
un brevet est demande sur la base de 1'invention mtituiee: 



Procede de securisati o n du traitement crur i s 
information sensible dans un module de 
seiuiile munuliUiique, et (no dule Ue secmlUS 
associe. 

dont la description 

(cocher la case corresoondante) 



i believe i am the original, first and sole inventor (if only one 
name is listed below) or an original, first and joint inventor (if 
plural names are listed below) of the subject matter which is 
claimed and forwhich a patent is sought on the invention entitled 



the specification of which 
(check one) 



23 est annexee au present acte. 
□ a ete deposee 



Numero de serie de la demande . 
et modifiee le 



(si approprie) 



□ is attached hereto. 
Q was filed on 



. as 



Application Serial No. . 
and was amended on . 



(if applicable) 



Je declare par le present acte avoir examine et compris ie 
contenu de la description identifiee ci-dessus, revendications 
y compns, et le cas echeant telle que modifiee par i'amend- 
ment cite plus haut. 



I hereby state that I have reviewed and understand the con- 
tents of the above identified specification, including the claims, 
as amended by any amendment referred to above. 



Je reconnais le devoir de divulguer I'mformation qui est en 
rapport avec I'examen de cette demande selon Titre 37 du 
Code des Reglements Federaux §1. 56(a). 



I acknowledge the duty to disclose information which is ma- 
terial to the examination of this application in accordance with 
Title 37, Code of Federal Regulations, §1. 56(a). I 
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French Language Declaration 



Je revendique par le present acte te benefice de prrortte 
etrangere seton litre 35, du Code des Etats-Unis, §119 de 
toute demande de brevet ou d'attestation d'inventeur enu- 
meree ci-apres. et ]'ai identifie egalement ct-apres toute de- 
mande etrangere de brevet ou d'attestation d'inventeur ayant 
une date de deodt ameneure a csile de ia demande pour 
laquelle la pnonte est revendiquee. 



i hereby claim foreign priority oenefits under Title 35. United 
States Code, §1 19 of any foreign aooiication(s) for patent or 
inventor's certificate listed below and have also identified 
beiow any foreign application for patent or inventor's certifi- 
cate having a filing date before that of the application on 
wnich pnonty is claimed: 



Prior foreign applications 

Oemande(s) de brevet anteneure(s) dans un autre cays - 
FR 99 08409 France 30 06 1999 



(Number) 


(Country) 


(Day/Month/Year Fried) 


(Numero) 


(Pays) 


(Jour/Mois/Annee ae depot) 


(Number) 


(Country) 


(Day/Month/Year Hied) 


(Numero) 


(Pays) 


(Jour/Mois/Annee de depot) 


(Number) 


(Country) 


{Day/Month/Year riled) 


(Numero) 


(Pays) 


(Jour/Mois/Annee de deobt) 



Priority claimed 

Droit de ononte 
revendique 



Ho 
Non 



a 

Qui 

Vis 
Oui 



No 
Non 

Nan 



Je revendique par le present acte, le benefice seion Titre 35 
du Code des Etats-Unis, §120 de toute(s) demande(s) ame- 
ricaines enumeree(s) ci-apres et, dans !a mesure ou le sujet 
de chacune des revendications de cette aemande n'est pas 
divulgue dans ia demande amencame anterieure, de la facon 
definie par le premier paragraphe de Titre 35 du Code des 
Etats-Unis, §112, je reconnais le devoir de divulguer i'lnfor- 
mation pertinente selon Titre 37 du Code des Reglements 
Federaux, § 1.56(a), toute information qui se presente entre 
la date de depot de la demande anteneure et la date de depot 
de la demande, sort nationale, sott internationaie PCT. 



pcrtooo/omtf z 3/06/ 

(ftopltcation Sena! No.} (Filing 3at< 



(kopltcation 

(No. de Demande) 



Zoo*? 



(Filing Date) 
(Date de Oepot) 



I hereby claim the benefit under Title 35, United States Code, 
§120 of any United States application(s) listed below and, 
insofar as the subject matter of each of the claims of this 
application is not disclosed in the pnor United States apoli- 
cation m the manner provided by the first paragraph of Title 
35, United States Code, §112, I acknowledge the duty to 
disclose material information as defined in Title 37, Code of 
Federal Regulations, §1. 56(a) which occurred between the 
filing date of the prior application and the national or PCT 
international filing date of this application: 



(Etat) 
(brevetee, pendante. 
abandonne) 



(Status) 
(patented, pending, 
aoandoned) 



(Application Serial No.) 
(No. de Demande) 



(Fiimg Date) 
(Date de Depot) 



(Etat) 
(brevetee. pendante. 
abandonnee) 



(Status) 
(patented, pending, 
abandoned) 



Je declare par le present acte que toutes mes declarations, 
a ma connaissance, sont vraies et que toutes les declarations 
faites a partir de renseignements ou de supoositions, sont 
tenues pour etre vraies; de plus, toutes ces declarations ont 
ete faites en sachant que de fausses declarations volontaires 
u autres actes de meme nature sont sanctionees par une 
amende ou un empnsonnement. ou les deux, selon la Section 
1001, du Titre 18 de Code des Etats-Unts et que de seiles 
declarations deliberement fausses peuvent compromettre la 
validite de la demande ou du brevet delivre. 



I hereby declare that ail statements made herein of my own 
knowledge are true and that all statements made on infor- 
mation and belief are believed to be true; and further that 
these statements were made with the knowledge that willful 
false statements and the tike so made are punishable by fine 
or imprisonment, or both, under Section 1001 of Title 13 of 
the United States Code and that such willful false statements 
may jeopardize the validity of the application or any patent 
issued thereon. 
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French Language Declaration 



POUVOIR: En tani qu'inventeur, je designe i'(les) avocat(5) 
et/ou l'(!es) agent(s) sutvant(s) pour poursuivre ia procedure 
de cette demande ex traiter toute affaire la concemant supns 
du 8ureau des Brevets at de Marques: 



Harold L . Scoweii, Rag. 17,233 
Ed vara J. Kondracki, Rag ." ToTo'Q^ 
Dennis P. Clarke, Reg. 22 , 549 
William L . Feetiey, Reg. 29 ,913 
John G. Karins, Reg. 32 ., 421 , 



POWER OF ATTORNEY: As a named inventor, I hereby 
appoint the following attorney(s) ana/or agent(s) to prosecute 
this application and transact ali cusiness in the Patent and 
Trademark Office connected therewith, (list name and reg- 
istration number) 

Harold L. Stowell, Reg. 17,233 
Edward J. Kondracki, Reg. 20,604 
Dennis ?. Clarke, Reg. 22,549 
William L. Feeney, Rag. 29,918 
John C. Karins, Reg. 32,421 



Adresser toure correspondanca a: 

O 'BgR KAM. STOWELL, KONDRACKI^ 
U & CLARKE, P.C. 

11 5 2Q3 l aesburg^ike^ita lOQ 

d Falls Church, VA 22041 



Send Correspondence to: 
Edward J. Kondracki, Esq. 
KERKAft, STOWELL, KONDRACKI 

& CLARKE, P.C. 
5203 Leesburg Rika, Suica 600 
Falls Church, VA 22041 



sv^dresser toute communication telephontaue a: 
IS^A/orn) (Numero de telephone) 

m Edward J. Kondracki, Esq. 
7 (703) 998-3302 



Direct Telephone Calls to: {name and telephone number) 

Edward J. Kondracki, Esq . 
(703) 998-3302 



Mwbm compiet du seul ou premier mventeur 

UAZABDl MicheL 


Full name of sole or first inventor 


Signature de I'inventeur Oate 


inventor's signature 


Date 


5f"r^es Harias 78124J/IAREIL SUR MAULDRE FRMC^. 


Residence 




Citizenship 


Adresse Postale 

27 rue des Harias 78124 MAREIL SUR MAULDRE FRANCE 


Post Office Address 






Nom compiet du second co-*n vent evir, le cas echeant 


Full name of second joint inventor, if any 


Signature de I'inventeur Oate 


Second Inventor's signature 


Oate 


Domicile 


Residence 


Nationality 


Citizenship 


Adresse Postaie 


Post Office Address 







(Fournir ies memes renseignements et ta signature de tout (Supply similar information and signature for third and sub- 
co-inventeur suppiementaire.) sequent joint inventors.) 
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